Our site was hacked on Monday night via a vulnerability in CkForms. Fortunately, it was not a malicious hack but it did take our site down for two days and created quite a bit of havoc in the office. We have the log of the violation including server instructions. It started with a Google search of URL's with 'CkForms', and was effected using loopholes in CK Forms to change the administrator password.
For security reasons we do not wish to post the rest of the details here. We need to be in direct contact with someone from Cookex to report this violation (log available). We are very pleased with CkForms but will be forced to report this to the Joomla vulnerabilities list so as to save others from this nightmare. Let us work this out together and post a fix as soon as possible..... Thanks. ()
- Easy to install
- Easy to create
- Easy to configure
- Easy to use
- EN
Site Hack via CKForms (Critical Security Issue)
1 post • Page 1 of 1
Site Hack via CKForms (Critical Security Issue)
by emeka » Thu Apr 01, 2010 11:23 am
- emeka
- Posts: 2
- Joined: Tue Mar 02, 2010 5:18 pm
1 post • Page 1 of 1
Return to CKForms 1.2.1 Support forum
Who is online
Users browsing this forum: No registered users and 1 guest